Privacy Policy

This Privacy Policy describes how Novex Research ("we," "our," or "us") collects, uses, and shares information about you when you use our website at novexresearch.com (the "Site") or purchase products from us.

By accessing or using the Site, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Site. We may update this policy from time to time; continued use of the Site after changes constitutes acceptance of the revised policy.

Information you provide directly:

• Account data: Name, email address, and hashed password when you create an account.
• Order data: Shipping address, billing address, email address, and order contents collected at checkout. Payment card data is processed directly by Stripe and is never stored on our servers.
• Communications: Messages, emails, or support requests you send to us.

Information collected automatically:

• Usage data: Pages visited, time on site, referral source, browser type, and operating system collected via standard server logs.
• Device data: IP address, device type, and viewport size.
• Cookies: Session cookies required for authentication and cart functionality. See the Cookies section below.

We use the information we collect to:

• Process and fulfill your orders, including sending order confirmation and shipping notification emails.
• Maintain your account and allow you to view your order history.
• Respond to support inquiries and resolve disputes.
• Detect and prevent fraudulent transactions and abuse of our platform.
• Comply with legal obligations, including tax reporting and export control regulations.
• Send you transactional emails directly related to your orders. We do not send unsolicited marketing emails unless you have explicitly opted in.
• Improve our site, products, and services through aggregate, anonymized analytics.

We share your information only with the following categories of service providers who help us operate our business:

• Stripe, Inc. — Payment processing. Stripe receives billing information to authorize and process payments. Stripe's privacy policy applies to data processed on their systems.
• Shipping carriers (USPS, UPS, FedEx, DHL) — Your name and shipping address are shared with the carrier to generate a shipping label and deliver your package.
• Transactional email provider — Used solely to deliver order confirmation and shipping notification emails.
• Cloud hosting infrastructure — Our servers and database run on infrastructure that has access to encrypted data in the course of operating the service.

We may also disclose information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect the safety of any person or to prevent fraud.

Account information is retained for as long as your account is active. If you delete your account, your personal profile data is removed within 30 days. Order records are retained for 7 years in accordance with tax and financial record-keeping requirements.

Server logs and analytics data are retained for a maximum of 12 months and are then permanently deleted.

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data, subject to legal retention requirements.
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to our processing of your data for certain purposes.
• Withdrawal of consent: Where processing is based on consent, withdraw that consent at any time.

To exercise any of these rights, please email [email protected]. We will respond within 30 days. We may need to verify your identity before processing certain requests.

We use cookies and similar technologies for the following purposes:

• Authentication cookies: Required to keep you signed in to your account (session management). These are essential and cannot be disabled without logging you out.
• Cart cookies / localStorage: Used to persist cart contents between visits, even when not logged in.
• Preference cookies: Store your warehouse selection and UI preferences.

We do not use third-party advertising cookies, cross-site tracking cookies, or analytics cookies that share your data with external ad platforms. You can clear cookies through your browser settings at any time, though doing so will log you out and clear your cart.

We implement industry-standard security measures to protect your data, including:

• TLS 1.3 encryption for all data in transit between your browser and our servers.
• Passwords stored using bcrypt hashing with per-user salts — we never store raw passwords.
• Payment card data is never stored on our servers; all card processing is delegated to Stripe (PCI DSS Level 1 certified).
• Database access restricted by network firewall to authenticated application servers only.
• Regular security audits and dependency vulnerability scanning.

Despite these measures, no system is 100% secure. If you believe your account has been compromised, please contact us immediately at [email protected].

This Privacy Policy is governed by the laws of the United States. For users in the European Economic Area (EEA), we process personal data on the lawful basis of contract performance (order fulfillment) and legitimate interests (fraud prevention and site security).

For all privacy-related inquiries, contact us at:
[email protected]
Novex Research, United States